Log in

Login to your account

Username *
Password *
Remember Me

Source: Security Boulevard

COVID-19

COVID-19 has been impacting the world for at least five months, and cybercriminals have not let up in their attempts to manipulate the crisis for their own gain. For example, in the week before Easter—the original hoped-for date to “re-open” the country—Google reported 18 million phishing and malware scams related to COVID-19 every single day...

The post Businesses Underestimate COVID-19 Cybersecurity Risks appeared first on Security Boulevard.

Read more ...

Do you ever feel like security and risk professionals have a completely different set of priorities than the rest of the business? Well that???s because, at most companies, they do. Security professionals are concerned with securing things ??? like servers, networks, and applications ??? from cyber risks.ツ? Business decision-makers are concerned with the customer experience, growing revenue, and innovation.

Forrester addresses this discrepancy in a recent report, citing that, ???Only 16 percent of global security decision makers at enterprises claim that they are identifying new sources of data-driven revenue, and just 14 percent are developing secure customer-facing mobile and web applications.???[1]

The difference in priorities can have a negative impact on a business. For example, by concentrating solely on the security of products and services, security professionals fail to protect against new attacks that focus on how to manipulate decisions made by or about your company or the perception of your products and services. These types of attacks are commonly associated with innovation, so businesses are often fearful that innovative software will expose the company to risk. But innovation is the only way for a company to progress and stay relevant. So, it???s kind of a catch-22.

How can you solve this dilemma? You need security to align with the business priorities, which means security has to concentrate on the customer experience. Just as development is creating minimum viable products, security must match it with minimum viable security. If security and development are aligned, it will open the door to innovation, making security a competitive advantage.

To learn more about this concept, including ways to shift the security mindset, watch the following video featuring Amy DeMartine based on a recent Forrester report she co-authored, Secure What You Sell: CISOs Must Tackle Product Security to Protect Customers.

ツ?

[1] Secure What You Sell: CISOs Must Tackle Product Security To Protect Customers,??? by Jeff Pollard, Amy DeMartine with Laura Koetzle, Elsa Pikulik, Peggy Dostie, Forrester Research, Inc.

The post Great Minds Think Alike: Aligning Security With Business Priorities appeared first on Security Boulevard.

Read more ...

cybersecurity COVID

Without belaboring the point, there are many similarities between the COVID-19 pandemic and cybersecurity. We can learn from the response to the COVID pandemic lessons about cybersecurity. We Know It Is Coming For decades, public health planners have been warning that there would be a novel (no-immunity) disease that would spread across the globe and..

The post Cybersecurity and COVID: 5 Lessons appeared first on Security Boulevard.

Read more ...

budget

Cybersecurity spending, even if only driven by industry and government regulatory compliance mandates, has proven itself to be relatively resilient through previous downturns. Will this downturn prove different? Toward the end of March, S&P Global Ratings cut its global GDP growth from 2.8% to as low as 1%, and research firm IDC predicted that IT..

The post The Economic Shutdown’s Impact on Security Budgets appeared first on Security Boulevard.

Read more ...

There’s a particular mindset we call security thinking. I’ve also seen it called ‘reasoned paranoia.’ The National Security Agency (NSA) recently published a survey of Internet conferencing products that’s interesting for its evaluations. More interesting for me were its recommendations on conducting a secure conference at the endpoints. They discuss things you should do to... Continue Reading →

The post Self-teaching a little security thinking appeared first on Security Boulevard.

Read more ...

meeting

Whether you’re in the office or at home, there’s probably one activity you do more than any other: meetings. It doesn’t matter if you’re a financial analyst, a marketing intern or head of IT security, chances are you’re in near-constant communication with your colleagues. The fact that we rely so heavily on communication doesn’t change..

The post Maintaining Meeting Security During the Coronavirus appeared first on Security Boulevard.

Read more ...

Making Security Awareness Fun

Is your security awareness training program effective and making a difference? Does it fully engage your staff? What about your technical employees, such as developers and engineers? Do they view the accompanying slideshow training as a chore? One way to better motivate and engage employees in training is through gamification.

The post Tips and Tactics for Creating Your Own Capture-the-Flag Event appeared first on Security Boulevard.

Read more ...

Building an effective and resilient organization on a budget isn’t a small task. When it comes to cybersecurity budgets, there are many different aspects that need to be considered. Thankfully, alignment with industry best practice and recognized security frameworks adds a small amount of clarity to this challenge. When presenting the webcast “It’s all about […]… Read More

The post Building Effective Cybersecurity Budgets appeared first on The State of Security.

The post Building Effective Cybersecurity Budgets appeared first on Security Boulevard.

Read more ...

The Open Source Community Unites

In these unprecedented times, the open source community has come together to develop a number of tools to fight the COVID-19 pandemic. Combining efforts with governments, public health officials, doctors, scientists, private citizens and more, open source developers are creating new projects that solve the problems unique to the current global health crisis. 

As these open source projects rise to meet the many challenges of conquering COVID-19, more people outside the open source community are joining forces as they start to understand the power and promise of open source development. The open source model of adopting a collaborative development approach in a transparent environment to fight a common foe is well suited to solving the complex problems associated with COVID-19.

WhiteSource Supports Open Source Projects

Fighting COVID-19

WhiteSource is committed to helping the open source community meet its security needs during this critical period. Because time is of the essence, we understand that security may take a back seat during the development of these important tools, but we are here to support COVID-19 related open source projects in any way we can. 

Inspired by the efforts of the open source community, we have scanned the most popular COVID-19 related open source projects over the past two weeks. We have sent our findings to each project’s maintainers and have offered our services and support free of charge. This offer extends to all open source projects engaged in COVID-19 research, emergency response, or relief efforts. 

We would like to provide our expertise to help secure and manage COVID-19 related open source projects. WhiteSource helps companies of all sizes better manage the open source components in their applications. WhiteSource Integrates with all stages of the software development lifecycle to provide real-time alerts on vulnerable or problematic components with actionable insights for a quick remediation.

Security Remains a Priority

While we understand security may not be the first concern at this time, it is still critically important. Unfortunately, despite the global outpouring of support and collaboration aimed at fighting COVID-19, there are still bad actors out there looking to create chaos. Considering the mandated privacy of the many personal health records involved, the sensitivity of the supply chain supporting vital medical efforts, and the need to protect essential research data, security should be top of mind for any open source project battling COVID-19.

We Want to Help

As we face this enormous public health emergency on a scale that we have not seen before, we all must do whatever we can to help solve today’s critical challenges. WhiteSource is proud to be part of the solution.

If you are working on a COVID-19 related open source project, please reach out and we’ll be happy to offer our product and services free of charge.

The post Our Contribution to the COVID-19 Battle appeared first on Security Boulevard.

Read more ...

With employee ranks thinning due to economic cutbacks stemming from COVID-19, fraud is on the rise. Here’s what to look out for Companies are scrambling to adjust and protect their businesses during the COVID-19 crisis. Even the largest enterprises that have not had previous work from home practices have had to shutter their buildings and..

The post Internal Fraud Surging During COVID-19 appeared first on Security Boulevard.

Read more ...